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CLAIMS 



What is claimed is: 

1 . A data sharing method comprising: 
12 designating a first user as an eligible shared data Contributor; 

3 designating an authorized service component o/ said eligible shared data 

4 contributor as a shared data publishing component;; 

5 defining a data publication; 

6 tagging data managed by said publish!^ component for inclusion in said 

7 data publication; 

8 designating a second user as an efigible shared data subscriber; 

9 associating said second useraar a subscriber of said data publication; 

10 contributing to said data mar^ged by said publishing component by said 

1 1 shared data contributor; and 

12 facilitating access to saifl data managed by said publishing component based 

13 on said second user's subscription to said data publication, with which said said 

14 managed by said publishing component is tagged for inclusion. 

1 2. The method o/ claim 1 , wherein said defining comprises assigning a 

2 publication identifier for said data publication, and said tagging comprises assigning 

3 said assigned pifblication identifier to a component property of said publishing 

4 component. 
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1 3. The method of claim 1 , wherein said method further comprises/designating 

2 said data publication as a data publication available for subscription by eligible 

3 shared data subscribers of an organization, of which said second user is a member. 

1 4. The method of claim 3, wherein said first user is a\po a member of said 

2 organization. 

1 5. The method of claim 3, wherein said first \/ser is not a member of said 

2 organization. 

1 6. The method of claim 1 , wherein saicl method further comprises determining 

2 data said second user is authorized to /access when initialing a session environment 

3 for said user or when instantiating a/equested component, and said determining 

4 includes resolving said second user's subscription of said data publication to said 

5 publishing component. 



□ 1 7. The method of claims, wherein said defining comprises assigning a 

5 9 I 

pa / 

2 publication identifier for sand data publication, and said tagging comprises assigning 

3 said assigned publication identifier to a component property of said publishing 

4 component, and said resolution is made through said publication identifier. 

1 8. A data sharing method comprising: 

2 designating a user as an eligible shared data contributor; 

3 designating an authorized service component of said eligible shared data 

4 contributor as a shared data publishing component; 

5 defining a data publication; 
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6 tagging data managed by said publishing component for inclusion in said 

7 data publication to facilitate sharing of data managed by said publishing component 

8 with other users through said other users' subscription to said data publication; and 

9 contributing to said data managed by said publishing component by said 
10 shared data contributor. 

1 9. The method of claim 8, wherein said defining comprises assigning a 

2 publication identifier for said data publication, and said tagging comprises assigning 

3 said assigned publication identifier to a comj^onent property of said publishing 
P 4 component. 

•- S~H 
•~_ : 

i? 1 1 0. A data sharing method comprising: 
;7 2 designating a user as an eligible shared data subscriber; 

^ 3 associating said user as a/subscriber of a data publication including data 

p 4 managed by a publishing component; and 

rU 5 facilitating access to said data managed by said publishing component based 

"hi I 

O 6 on said user's subscription p said data publication, with which said data managed 

7 by said publishing component is tagged for inclusion. 

1 11. The method of claim 1 0, wherein said user is a member of an organization, 

2 and said method further comprises designating said data publication as available for 

3 subscription by eligible shared data subscriber users of said organization. 

1 12. The method of claim 10, wherein said method further comprises determining 

2 data said user/is authorized to access when initialing a session environment for said 

3 user or when/instantiating a requested component, and said determining includes 
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4 resolving said user's subscription of said data publication to said publishing 

5 component. / 

1 13. The method of claim 12, wherein said data publication is assigned a 

2 publication identifier and a property of said service component is also assigned with 

3 said publication identifier; further, said resolution is made4hrough said publication 

4 identifier. / 

1 14. An apparatus comprising: / 



p% 2 storage medium having stored therein a/plurality of programming instructions 

3 designed to facilitate / 

^ 4 designation of a user as an eligible shared data contributor, 

*fj 5 designation of an authorized service component of said eligible shared 

Ul 6 data contributor as a shsfred data publishing component, 

0 7 definition of a data publication, 

FU 8 tagging of data managed by said publishing component for inclusion in 

□ 9 said data publication to facilitate sharing of data managed by said 

c s / 

10 publishing component with other users through said other users' 

1 1 subscription to/said data publication, and 

12 contribution to said data managed by said publishing component by said 

13 shared data contributor; and 

14 one or more processors coupled to said storage medium to execute said 

15 programming instructions. 

1 15. The apparatus of claim 14, wherein said programming instructions are 

2 designed to facilitate said definition of a data publication by assigning a publication 
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3 ' identifier for said data publication, and said tagging by assigning saicj/assigned 

4 publication identifier to a component property of said publishing co/fiponent. 



1 16. An apparatus comprising: 

2 storage medium having stored therein a plurality of programming instructions 

3 designed to facilitate 

4 designation of a user as an eligible shared /lata subscriber, 

5 association of said user as a subscriber jzff a data publication including 

6 data managed by said publishing component, and 

7 access to said data managed by s^ra publishing component based on 

8 said user's subscription to saijzf data publication, with which said data 

9 managed by said publishing component is tagged for inclusion; and 

10 one or more processors couple^T to the storage medium to execute the 

1 1 programming instructions. 

1 17. The apparatus of claim 1J#, wherein said user is a member of an organization, 

2 and said programming instructions are further designed to facilitate designation of 

3 said data publication as available for subscription by eligible shared data subscriber 

4 users of said organization/ 



1 18. The apparatus/)f claim 16, wherein said programming instructions are further 

2 designed to determine data said user is authorized to access when initialing a 

3 session environment for said user or instantiating a requested component, including 

4 resolution of sai^T user's subscription of said data publication to said publishing 

5 component. 
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1 19. The apparatus of claim 18, wherein said programming instructions are further 

2 designed to assign said data publication a publication identifier/and assign the 

3 same publication identification to a property of said service p6mponent; further, to 

4 perform said resolution through said publication identifier^ 



a - 



1 20. An apparatus comprising: 

2 storage medium having stored therein a j3lurality of programming instructions 

3 designed to facilitate 

4 designation of a user as an eligityfe shared data contributor, 

5 designation of an authorized service component of said eligible shared 

6 data contributor as a shared data publishing component, 

7 defining a data publication 

8 tagging data managed fiy said publishing component for inclusion with said 

9 data publication,/ 

10 designation of a u^r as an eligible shared data subscriber, 

1 1 association of s^fd user as a subscriber of a data publication, 

12 contribution to/Gata managed by said publishing component by said 

13 associa^d shared data contributor, and 

14 access to ^aid data managed by said publishing component based on said 

15 user/s subscription to said data publication, with which said data 

16 managed by said publishing component is tagged for inclusion; and 

17 one or i^tore processors coupled to said storage medium to execute said 

1 8 programming instructions. 



1 21 . A data sharing method comprising: 
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2 facilitating authorization of members of a plurality of data sharing^entities to 

3 access a plurality of methods of a service component by a first user/and 

4 conditionally permitting a second user to invoke a first of said methods in 

5 accordance with whether said second user as a member of one of said plurality of 

6 data sharing entities is authorized to invoke said first method. 

1 22. The method of claim 21 , wherein said data snaring entities comprise a user 

2 group of which said first and second users are members, and said facilitating 

3 comprises facilitating implicit authorization oMaid second user, by said first user, to 

4 invoke said first method by authorizing all /nembers of said user group to invoke 

5 said first method. / 

1 23. The method of claim 21 , wherein said data sharing entities comprise an 

2 organization having one or more user groups, and said first user as well as said 

3 second user are members of/said organization, further, said facilitating comprises 

4 facilitating implicit authorization of said second user, by said first user, to invoke said 

5 method by authorizing alf members of said organization to invoke said method. 

1 24. The method d\ claim 21 , wherein said data sharing entities comprise an 

2 enterprise having .one or more organizational units, and said first user as well as 

3 said second user are members of said enterprise, further, said facilitating comprises 

4 facilitating implicit authorization of said second user, by said first user, to invoke said 

5 method by authorizing all members of said enterprise to invoke said method. 

1 25. The method of claim 21 , wherein said data sharing entities comprise an 

2 universal data sharing entity of which said first user and said second user are 
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3 members, said facilitating comprises facilitating implicit authorization of said second 

4 user, by said first user, to invoke said method by authorizing all members o^said 

5 universal data sharing entity to invoke said method. 



1 26. The method of claim 21 , wherein said methods comprise at least a selected 

2 one of a method to obtain data, a method to store data, and a/method to perform a 

3 predetermined execution using at least data managed by said component. 



1 27. The method of claim 21 , wherein said methocr further comprises said first 

2 user selectively authorizing himself/herself to perform one or more of invoking a first 

3 method of said component to obtain data, invoking a second method of said 

4 component to store data, and invoking a third method of said component to perform 

5 a predetermined execution using at leas? data managed by said component. 



u 



1 28. The method of claim 21 , wherein said facilitating comprises determining a 

2 security property value representative of authorization given to said members of said 

3 data sharing entities. 



1 29. The method of claim 28, wherein said determining comprises determining a 

2 binary representation for authorization given to members of one of said data sharing 

3 entities. 



1 30. The method of claim 29, wherein said determining further comprises 

2 converting a ybinary representation representative of authorization given to members 

3 of one of s^id data sharing entities to a decimal representation. 
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1 31 . The method of claim 30, wherein said determining further c6mprises 

2 concatenating a plurality of decimal representations to generate said security 

3 property value. 



1 32. The method of claim 21 , wherein said conditiop&lly permitting comprises 

2 determining whether said second user is a memb^/of said plurality of data sharing 

3 entities whose members have been authorized Jt6 share said data by said data 

4 contributor. 



1 33. The method of claim 32, whereiiysaid determining comprises examining a 

2 security property value representative of authorizations given to members of one or 

3 more data sharing entities. 

1 34. An apparatus comprisir)^: 

2 storage medium having stored therein a plurality of programming instructions 

3 designed to 

4 facilitate authorization of members of a plurality of data sharing entities to 

5 access ^/plurality of methods of a service component by a first user, 

6 and 

7 conditionally permit a second user to invoke a first of said methods in 

8 accordance with whether said second user as a member of one of said 

9 p|6rality of data sharing entities is authorized to invoke said first 

10 Aiethod; 

1 1 one 9>r more processors coupled to said storage medium to execute said 

12 programming instructions. 
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1 35. The apparatus of claim 34, wherein said data sharing entities comprise a user 

2 group of which said first and second users are members, and said pragramming 

3 instructions are further designed to facilitate implicit authorization off said second 

4 user, by said first user, to invoke said first method by authorizing all members of 

5 said user group to invoke said first method. / 

1 36. The apparatus of claim 34, wherein said data snaring entities comprise an 

2 organization having one or more user groups, and/said first user as well as said 

3 second user are members of said organizations/further, said programming 

4 instructions are further designed to facilitate implicit authorization of said second 

5 user, by said first user, to invoke said method by authorizing all members of said 

6 organization to invoke said method. / 

1 37. The apparatus of claim 34, vvherein said data sharing entities comprise an 

2 enterprise having one or more organizational units, and said first user as well as 

3 said second user are members of said enterprise, further, said programming 

4 instructions are further designed to facilitate implicit authorization of said second 

5 user, by said first user, to/invoke said method by authorizing all members of said 

6 enterprise to invoke said method. 

1 38. The apparatus of claim 34, wherein said data sharing entities comprise an 

2 universal data sharing entity of which said first user and said second user are 

3 members, said/programming instructions are further designed to facilitate implicit 

4 authorization/of said second user, by said first user, to invoke said method by 

5 authorizing/all members of said universal data sharing entity to invoke said method. 
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1 39. The apparatus of claim 34, wherein said methods comprise pi least a 

2 selected one of a method to obtain data, a method to store datg/and a method to 

3 perform a predetermined execution using at least data manned by said 

4 component. 



1 40. The apparatus of claim 34, wherein said programming instructions are further 

2 designed to facilitate said first user selectively Authorizing himself/herself to perform 

3 one or more of invoking a first method of s^id component to obtain data, invoking a 

4 second method of said component to stofe data, and invoking a third method of said 

5 component to perform a predetermined execution using at least data managed by 

6 said component. 



1 41 . The apparatus of clain/34, wherein said programming instructions are further 

2 designed to determine a se6urity property value representative of authorization 

3 given to said members or said data sharing entities. 

1 42. The apparatj/s of claim 41 , wherein said programming instructions are further 

2 designed to determine a binary representation for authorization given to members of 

3 one of said data sharing entities. 



1 43. The/apparatus of claim 42, wherein said programming instructions are further 

2 designed to facilitate converting a binary representation representative of 

3 authorization given to members of one of said data sharing entities to a decimal 

4 representation. 
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1 44. The apparatus of claim 43, wherein said programming instructions are further 

2 designed to concatenate a plurality of decimal representatiop^to generate said 

3 security property value. 

1 45. The apparatus of claim 34, wherein said/programming instructions are further 

2 designed to determine whether said seconja jser is a member of said plurality of 

3 data sharing entities whose members J*6ve been authorized to share said data by 

4 said data contributor. 



1 
2 
3 
1 



46. The apparatus of claim 45, wherein said programming instructions are further 
designed to examine a/security property value representative of authorizations given 
to members of one/or more data sharing entities. 
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